Employer: Create Account or Login
Sign In
 [New User? Sign Up]
Mobile Version

Assessment and Authorization (A&A) Analyst Job


Job Code:
Apply on the Company Site
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

Assessment and Authorization (A&A) Analyst Job

Assessment and Authorization (A&A) Analyst Job

Date: Jul 12, 2018

Location: Vienna, VA, US

Company: SAIC

Assessment and Authorization (A&A) Analyst (Job Number:435845)


SAIC is currently seeking candidates for an A&A Analyst to support a Federal Civilian agency in Vienna., VA

Job Description

- Perform assessment and authorization (A&A) efforts under the NIST Risk Management Framework (RMF) on behalf of a federal civilian agency as a contractor.
- Conduct cybersecurity analysis in preparation for A&A reviewing and validation of all associated cybersecurity documentation and technical controls.
- Work within a team that conducts A&A activities.
- Develop System Security Plans (SSP), Contingency Plans, Business Impact Analyses (BIA), Plan of Action and Milestones (POA&Ms), Security Assessment Report (SARs), Security Assessment Plan (SAPs), and other documentation.
- Covers all cybersecurity aspects including, but not limited to, identifying risks, validating the mitigation of plans of action, analyzing system designs, and assisting with A&A issues that may prevent a system from receiving authorization.
- Supports the implementation of RMF by developing documentation and updating policies, procedures, and processes as assigned.

Responsibilities and Duties:

- Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.
- Identify potential risks associated with system configurations and advise on mitigation strategies
- Participate in A&A status meetings and facilitate moving systems toward a successful A&A effort
- Assist to estimate Level of Effort (LOE) involved in performing A&A activities
- Assist to develop and implement detailed test plans and review findings from self-assessments to determine readiness for independent validation and verification (IV&V) assessment
- Assist customer program offices in interpreting and applying mitigation strategies
- Conduct IV&V assessments and analyze test results for accuracy, compliance, and adherence to Federal cybersecurity requirements
- Conduct thorough reviews of all vulnerabilities, architecture, and defense in depth strategies and report findings in POA&Ms document
- Document residual risks and provide the cybersecurity risk analysis and mitigation determination results
- Produce risk assessment artifacts describing initial risks during system development and residual risks identified during IV&V
- Maintain cybersecurity policy and processes as assigned
- Able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs
- Communicate the security posture of systems through designated reporting mechanism
- Collaborate with other team members in cybersecurity

Clearance Required

- US Citizen with the ability to obtain a Public Trust Clearance. Note: A DOD clearance cannot be utilized to support this role.

Required Education

- Bachelor's Degree in IT, Cyber Security, Computer Science, or related field preferred and 5+ years of experience
- One or more of the following certifications preferred (Security+, CAP, CISSP, CISM, GSEC, GCIH, or GSLC)

Required Experience:

- 3+ years of experience in the following areas: Cybersecurity policy, procedures, and processes, including RMF and NIST 800-53 and A&A's
- Experience using MS office tools such as Excel, Word and Visio
- Familiar with NIST publications, specifically RMF and NIST controls
- Familiar with dealing with defense- in-depth, and other information security and assurance principles and associated supporting technologies
- Excellent customer service and organization skills
- Excellent oral and written communication skills
- Must demonstrate proficiency in the following areas: multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment
- Ability to work both independently and as a member of a team
- Microsoft Office (Word, Excel, Visio, PowerPoint, MS Project), MS SharePoint

Desired Experience

- Experience working with Security engineering to review Nessus Vulnerability / Tripwire compliance scans
- Experience performing on- site cybersecurity assessments using Standards such as CIS Benchmarks, DISA STIGS, etc.
- Broad technical experience related to IT operations, networks, OS's, and system administration

SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC¿s approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see ( My SAIC Benefits. EOE AA M/F/Vet/Disability

Job Posting: Jun 8, 2018, 1:05:16 PM
Primary Location: United States-VA-VIENNA
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Teleworking: No
Travel: None
Shift: Day Job
Schedule: Full-time

Nearest Major Market: Washington DC

Job Segment: Developer, Engineer, Computer Science, Cyber Security, Testing, Technology, Engineering, Security

Apply on the Company Site
Powered ByLogo

Featured Job

Featured Employer

© Adicio Inc.